775bda4e62839b04ee815079ff8400b0be21eb504d2424837694b15b9af027e3

Sharing

Copy URL

Twitter E-mail

General

Target

775bda4e62839b04ee815079ff8400b0be21eb504d2424837694b15b9af027e3
Size

2.1MB
MD5

03089fda57c2fc612d18049981897d48
SHA1

7b09e41723fcabf7cc0a32ad5595948424064366
SHA256

775bda4e62839b04ee815079ff8400b0be21eb504d2424837694b15b9af027e3
SHA512

320e9097097b14ccea536eccd2fb479bd255c4d3746f7c3019558df67557669afb46db7a37f99b2de173e34d7ec7dc550e78289dcd334d8e83289b67bdb2e163
SSDEEP

49152:ozLXqouojrClRuNQRCyhR5jv8Q0pQxD3:MmoH4OQRCQ1xD

Score

N/A

Malware Config

Signatures

Files

775bda4e62839b04ee815079ff8400b0be21eb504d2424837694b15b9af027e3
.dll windows x86

a0573a3c38de8ea4cd7c0b4bf79b6f7d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetErrorMode
RtlUnwind
HeapFree
HeapAlloc
HeapReAlloc
ExitThread
CreateThread
GetCommandLineA
GetProcessHeap
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
SetStdHandle
GetFileType
ExitProcess
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
GetStdHandle
GetModuleFileNameA
GetConsoleCP
GetConsoleMode
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
GetFullPathNameW
GetVolumeInformationW
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GetFileTime
GetFileSize
GetFileAttributesW
CreateFileW
FindFirstFileW
FindClose
FileTimeToLocalFileTime
FileTimeToSystemTime
GetThreadLocale
SuspendThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
lstrlenA
GetVersionExW
FreeResource
GetCurrentThreadId
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
InterlockedCompareExchange
FlushInstructionCache
SetThreadContext
GetThreadContext
GetSystemDirectoryA
FormatMessageW
LocalFree
MulDiv
InterlockedExchangeAdd
CreateEventA
TerminateThread
ResumeThread
WaitForSingleObject
SetEvent
InterlockedExchange
GetPrivateProfileStringW
LoadLibraryExW
WritePrivateProfileStringW
lstrcmpiW
lstrlenW
InterlockedDecrement
InterlockedIncrement
GetVersion
CloseHandle
DeleteCriticalSection
RaiseException
GetCurrentThread
FreeLibrary
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
Sleep
GetLocalTime
GetLastError
SetLastError
LoadLibraryW
GetModuleHandleA
GetProcAddress
GetCurrentProcess
GlobalFindAtomW
GlobalAddAtomW
Beep
GlobalDeleteAtom
GetModuleHandleW
GetModuleFileNameW
GetCurrentProcessId
GetTickCount
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
MultiByteToWideChar

user32

PostThreadMessageW
TranslateMessage
ValidateRect
PostQuitMessage
GrayStringW
DrawTextExW
TabbedTextOutW
GetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
IsWindowEnabled
SetWindowTextW
IsDialogMessageW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassNameW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
GetKeyState
SetForegroundWindow
UpdateWindow
GetMenu
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
CopyRect
GetDlgCtrlID
CallWindowProcW
SetWindowLongW
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
PeekMessageW
DispatchMessageW
GetSystemMetrics
IsZoomed
CharNextW
GetNextDlgGroupItem
OffsetRect
FillRect
DrawFrameControl
InflateRect
DrawFocusRect
DrawTextW
RegisterWindowMessageW
GetSysColor
GetAsyncKeyState
CreateWindowExW
RegisterClassExW
BeginPaint
EndPaint
DefWindowProcW
IsIconic
ShowWindow
CharUpperW
UnregisterClassW
DestroyMenu
GetSysColorBrush
RegisterClipboardFormatW
GetMessageW
MoveWindow
GetWindowLongW
IsWindowUnicode
GetClassLongW
GetClassLongA
EqualRect
SetRect
IsRectEmpty
GetWindowThreadProcessId
GetWindow
GetDesktopWindow
GetWindowDC
RegisterHotKey
ClientToScreen
GetClientRect
UnregisterHotKey
GetFocus
IsWindowVisible
PostMessageW
ReleaseDC
GetDC
GetCursorPos
ScreenToClient
ReleaseCapture
LoadCursorW
SetCursor
IsWindow
LoadIconW
SetCapture
KillTimer
SetTimer
InvalidateRect
GetWindowRect
DrawIcon
PtInRect
MessageBoxW
GetKeyNameTextW
EnableWindow
GetParent
SendMessageW
UnregisterClassA

gdi32

SetWindowExtEx
ScaleWindowExtEx
DeleteDC
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
DeleteObject
SetMapMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
GetClipBox
GetDeviceCaps
GetStockObject
CreateFontIndirectW
GetBkColor
CreateSolidBrush
SetBkMode
SetTextColor
GetTextExtentPoint32W
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectW
CreateDIBitmap
SetROP2
CreatePen
SelectObject
Rectangle
EnumFontFamiliesExW

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegQueryValueW
RegEnumKeyW
RegQueryValueExW
RegOpenKeyW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegDeleteValueW
RegDeleteKeyW
OpenProcessToken
GetTokenInformation
RegOpenKeyA
RegQueryValueExA
RegCloseKey

shell32

DragFinish
DragQueryFileW

shlwapi

PathFindFileNameW
PathStripToRootW
PathFileExistsW
PathFindExtensionW
PathIsUNCW

oledlg

OleUIBusyW

ole32

CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoDisconnectObject
CoInitializeEx
CLSIDFromProgID
CoUninitialize
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter

oleaut32

LoadTypeLi
SysStringLen
VariantChangeType
VarUI4FromStr
SysAllocString
SysAllocStringLen
SysFreeString
VariantInit
VariantClear
VariantCopy

Exports

Exports

uCLwhq

Sections

.text
Size: 616KB - Virtual size: 613KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 668KB - Virtual size: 667KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 644KB - Virtual size: 640KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a0573a3c38de8ea4cd7c0b4bf79b6f7d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

oledlg

ole32

oleaut32

Exports

Exports

Sections

.text Size: 616KB - Virtual size: 613KB

.rdata Size: 132KB - Virtual size: 131KB

.data Size: 16KB - Virtual size: 48KB

.vmp0 Size: 668KB - Virtual size: 667KB

.reloc Size: 48KB - Virtual size: 45KB

.rsrc Size: 644KB - Virtual size: 640KB

.text
Size: 616KB - Virtual size: 613KB

.rdata
Size: 132KB - Virtual size: 131KB

.data
Size: 16KB - Virtual size: 48KB

.vmp0
Size: 668KB - Virtual size: 667KB

.reloc
Size: 48KB - Virtual size: 45KB

.rsrc
Size: 644KB - Virtual size: 640KB